diff --git a/fcos-tmplt.yaml b/fcos-tmplt.yaml
new file mode 100644
index 0000000..cf8bc8b
--- /dev/null
+++ b/fcos-tmplt.yaml
@@ -0,0 +1,349 @@
+ - path: /usr/local/bin/geco-cloudinit
+ mode: 0755
+ contents:
+ inline: |
+ #!/bin/bash
+ #
+ # Copyright (c) 2020 Geco-iT Team - All right reserved
+ # Geco-iT
+ #
+ # $Id: geco-cloudinit 2020-11-26 18:36:24Z cduchenoy $
+ #
+ # Apply Basic Cloudinit Settings
+ #
+ # ===================================================================================
+ declare -r VERSION=1.2011
+
+ set -e
+ trap 'catch $?' EXIT
+
+ CIPATH=/run/cloudinit
+ YQ="yq read --exitStatus --printMode v --stripComments --"
+
+ # ===================================================================================
+ # functions()
+ catch() {
+ ${MOUNTED:-false} && umount ${CIPATH} && rmdir ${CIPATH}
+ }
+ mount | grep -q /run/cloudinit && MOUNTED=true # init
+
+ # use for vm clone
+ sysprep() {
+ echo "Remove all ssh system keys..."
+ rm -f /etc/ssh/ssh_host_*
+
+ echo "Clean ostree database..."
+ rpm-ostree cleanup --base --pending --rollback --repomd
+
+ echo "Remove all local user..."
+ for user in $(awk -F: -v uiduser="1000" '{if ($3>=uiduser) print $1}' /etc/passwd); do
+ userdel --force --remove ${user}
+ done
+
+ echo "Purge all docker ressources..."
+ docker system prune --all --force
+
+ echo "Remove all network/machine settings..."
+ rm -f /var/lib/NetworkManager/*
+ echo "" > /etc/machine-id
+
+ echo "Purge all system logs..."
+ journalctl --rotate --vacuum-time=1s
+ systemctl stop systemd-journald*
+ rm -rf /var/log/journal/*
+ rm -rf /var/log/ssd/*
+
+ echo "Force run cloudinit on next reboot..."
+ echo "fake" > /var/.cloudinit
+
+ echo -e "\nShutdown now..."
+ poweroff
+
+ exit 0
+ }
+ [[ "x${1}" == "xsysprep" ]]&& sysprep
+
+ setup_yq() {
+ local VER=3.4.1
+
+ [[ -x /usr/bin/wget ]]&& download_command="wget --quiet --show-progress --output-document" || download_command="curl -s --location --output"
+ [[ -x /usr/local/bin/yq ]]&& [[ "x$(/usr/local/bin/yq --version | awk '{print $NF}')" == "x${VER}" ]]&& return 0
+ echo "Setup yaml parser tools yq..."
+ rm -f /usr/local/bin/yq + ${download_command} /usr/local/bin/yq https://github.com/mikefarah/yq/releases/download/${VER}/yq_linux_amd64 + chmod 755 /usr/local/bin/yq + } + setup_yq + + # network + mask2cdr() + { + # Assumes there's no "255." after a non-255 byte in the mask + local x=${1##*255.} + set -- 0^^^128^192^224^240^248^252^254^ $(( (${#1} - ${#x})*2 )) ${x%%.*} + x=${1%%$3*} + echo $(( $2 + (${#x}/4) )) + } + + cdr2mask() + { + # Number of args to shift, 255..255, first non-255 byte, zeroes + set -- $(( 5 - ($1 / 8) )) 255 255 255 255 $(( (255 << (8 - ($1 % 8))) & 255 )) 0 0 0 + [[ $1 -gt 1 ]] && shift $1 || shift + echo ${1-0}.${2-0}.${3-0}.${4-0} + } + + # =================================================================================== + # main() + [[ ! -e /dev/sr0 ]]&& { + echo "[INFO]: Cloudinit: any drive found..." + exit 0 + } + mkdir -p ${CIPATH} + mount -o ro /dev/sr0 ${CIPATH} + MOUNTED=true + + [[ ! -e ${CIPATH}/meta-data ]]&& { + echo "[ERROR]: Cloudinit: nocloud metada not found..." + exit 1 + } + + cloudinit_instanceid="$(${YQ} ${CIPATH}/meta-data 'instance-id')" + if [[ -e /var/.cloudinit ]] + then + [[ "x$(cat /var/.cloudinit)" == "x${cloudinit_instanceid}" ]]&& { + echo "[INFO]: Cloudinit any change detected..." + exit 0 + } + + # hostname + NEWHOSTNAME="$(${YQ} ${CIPATH}/user-data 'hostname' 2> /dev/null)" + [[ -n "${NEWHOSTNAME}" ]]&& [[ "x${NEWHOSTNAME,,}" != "x$(hostname)" ]]&& { + echo -n "[INFO]: Cloudinit: set hostname to ${NEWHOSTNAME,,}... " + hostnamectl set-hostname ${NEWHOSTNAME,,} || { echo "[failed]"; exit 1; } + MUST_REBOOT=true + echo "[done]" + } + # username + NEWUSERNAME="$(${YQ} ${CIPATH}/user-data 'user' 2> /dev/null)" || true # cant be empty if no cloudinit user defined + [[ "x${NEWUSERNAME}" == "x" ]] && NEWUSERNAME="admin" # NEWUSERNAME="core" use "admin" on geco-template + getent passwd ${NEWUSERNAME} &> /dev/null || { + echo -n "[INFO]: Cloudinit: add sytem user: ${NEWUSERNAME}... 
" + useradd --comment "Geco-iT CoreOS Administrator" --create-home \ + --groups adm,wheel,sudo,systemd-journal,docker ${NEWUSERNAME} &> /dev/null || { echo "[failed]"; exit 1; } + echo "[done]" + } + # passwd + NEWPASSWORD="$(${YQ} ${CIPATH}/user-data 'password' 2> /dev/null)" + [[ -n "${NEWPASSWORD}" ]]&& [[ "x${NEWPASSWORD}" != "x$(grep ^${NEWUSERNAME} /etc/shadow | awk -F: '{print $2}')" ]]&& { + echo -n "[INFO]: Cloudinit: set password for user ${NEWUSERNAME}... " + sed -e "/^${NEWUSERNAME}/d" -i /etc/shadow &> /dev/null || { echo "[failed]"; exit 1; } + echo "${NEWUSERNAME}:${NEWPASSWORD}:18000:0:99999:7:::" >> /etc/shadow || { echo "[failed]"; exit 1; } + chage --lastday "$(date +%Y-%m-%d)" ${NEWUSERNAME} &> /dev/null || { echo "[failed]"; exit 1; } + echo "[done]" + } + # ssh key + [[ -e /var/home/${NEWUSERNAME}/.ssh/authorized_keys.d/ignition ]] || { + install --directory --owner=${NEWUSERNAME} --group=${NEWUSERNAME} \ + --mode=0700 /var/home/${NEWUSERNAME}/.ssh &> /dev/null || { echo "[failed]"; exit 1; } + install --directory --owner=${NEWUSERNAME} --group=${NEWUSERNAME} \ + --mode=0700 /var/home/${NEWUSERNAME}/.ssh/authorized_keys.d &> /dev/null || { echo "[failed]"; exit 1; } + install --owner=${NEWUSERNAME} --group=${NEWUSERNAME} \ + --mode=0600 /dev/null /var/home/${NEWUSERNAME}/.ssh/authorized_keys.d/ignition &> /dev/null || { echo "[failed]"; exit 1; } + } + echo -n "[INFO]: Cloudinit: wrote ssh authorized keys file for user: ${NEWUSERNAME}... 
" + ${YQ} ${CIPATH}/user-data 'ssh_authorized_keys[*]' > /var/home/${NEWUSERNAME}/.ssh/authorized_keys.d/ignition 2> /dev/null || { echo "[failed]"; exit 1; } + echo "[done]" + # Network => ipv6: TODO + netcards="$(${YQ} ${CIPATH}/network-config 'config[*].name' 2> /dev/null | wc -l)" + nameservers="$(${YQ} ${CIPATH}/network-config "config[${netcards}].address[*]" 2> /dev/null | paste -s -d ";" -)" + searchdomain="$(${YQ} ${CIPATH}/network-config "config[${netcards}].search[*]" 2> /dev/null | paste -s -d ";" -)" + echo "[INFO]: Cloudinit: DNS Server=$nameservers - DNS Search=$searchdomain" + for (( i=O; i<${netcards}; i++ )); do + ipv4="" netmask="" gw="" macaddr="" # reset on each run + ipv4="$(${YQ} ${CIPATH}/network-config config[${i}].subnets[0].address 2> /dev/null)" || { + [[ -e /etc/NetworkManager/system-connections/net${i}.nmconnection ]]&& MUST_NETWORK_RELOAD=true + rm -f /etc/NetworkManager/system-connections/net${i}.nmconnection + continue # dhcp mode + } + netmask="$(${YQ} ${CIPATH}/network-config config[${i}].subnets[0].netmask 2> /dev/null)" + cidr="$(mask2cdr ${netmask})" + gw="$(${YQ} ${CIPATH}/network-config config[${i}].subnets[0].gateway 2> /dev/null)" || true # can be empty + macaddr="$(${YQ} ${CIPATH}/network-config config[${i}].mac_address 2> /dev/null)" + echo "[INFO]: Cloudinit: NET$i IPv4 Network: IP=${ipv4}/${netmask} - GW=${gw:-none} - MAC=${macaddr}" + rm -f /etc/NetworkManager/system-connections/default_connection.nmconnection # remove default connexion settings + if [[ -e /etc/NetworkManager/system-connections/net${i}.nmconnection ]] + then + [[ "x${ipv4}/${cidr}" != "x$(nmcli connection show net${i} 2> /dev/null | grep ^ipv4.addresses: | awk '{print $2}')" ]]&& { + echo -n "[INFO]: Cloudinit: update Network config ipv4 for net${i}... 
" + nmcli c modify net${i} ipv4.addresses "${ipv4}/${cidr}" + MUST_NET_RECONFIG=true + echo "[done]" + } + [[ "x${gw}" != "x$(nmcli connection show net${i} 2> /dev/null | grep ^ipv4.gateway: | awk '{print $2}')" ]] && { + echo -n "[INFO]: Cloudinit: update Network config gateway for net${i}... " + nmcli c modify net${i} ipv4.gateway "${gw}" + MUST_NET_RECONFIG=true + echo "[done]" + } + [[ "x${searchdomain}" != "x$(nmcli connection show net${i} 2> /dev/null | grep ^ipv4.dns-search: | awk '{print $2}' | tr ',' ';')" ]]&& { + echo -n "[INFO]: Cloudinit: update Network config dns seach for net${i}... " + nmcli c modify net${i} ipv4.dns-search "$(echo ${searchdomain} | tr ";" ",")" + MUST_NET_RECONFIG=true + echo "[done]" + } + [[ "x${nameservers}" != "x$(nmcli connection show net${i} 2> /dev/null | grep ^ipv4.dns: | awk '{print $2}' | tr ',' ';')" ]]&& { + echo -n "[INFO]: Cloudinit: update Network config dns server for net${i}... " + nmcli c modify net${i} ipv4.dns "$(echo ${nameservers} | tr ";" ",")" + MUST_NET_RECONFIG=true + echo "[done]" + } + else + echo -n "[INFO]: Cloudinit: wrote NetworkManager config for net${i}... " + install --mode=0600 /dev/null /etc/NetworkManager/system-connections/net${i}.nmconnection &> /dev/null || { echo "[failed]"; exit 1; } + echo -e "[connection]\ntype=ethernet\nid=net${i}\n#interface-name=eth${i}\n" >> /etc/NetworkManager/system-connections/net${i}.nmconnection + echo -e "[ethernet]\nmac-address=${macaddr}\n" >> /etc/NetworkManager/system-connections/net${i}.nmconnection + echo -e "[ipv4]\nmethod=manual\naddresses=${ipv4}/${netmask}\ngateway=${gw}\ndns=${nameservers}\ndns-search=${searchdomain}" >> /etc/NetworkManager/system-connections/net${i}.nmconnection + MUST_NET_RECONFIG=true + echo "[done]" + fi + done + fi + + ${MUST_NET_RECONFIG:-false}&& { + echo "[INFO]: Cloudinit: must reload network..." 
+ nmcli connection reload
+ nmcli networking off
+ nmcli networking on
+ systemctl restart geco-motd.service
+ systemctl restart console-login-helper-messages-motdgen.service
+ }
+
+ echo -n "[INFO]: Cloudinit: save instance id... "
+ echo "${cloudinit_instanceid}" > /var/.cloudinit
+ echo "[done]"
+ ${MUST_REBOOT:-false}&& {
+ echo "[INFO]: Cloudinit: applied settings; must reboot..."
+ /bin/systemctl --no-block reboot
+ }
+
+ exit 0
+
+# kernel config
+ - path: /etc/sysctl.d/20-silence-audit.conf
+ mode: 0644
+ contents:
+ inline: |
+ # Raise console message logging level from DEBUG (7) to WARNING (4)
+ # to hide audit messages from the interactive console
+ kernel.printk=4
+
+ - path: /usr/local/bin/run-k3s-prereq-installer
+ mode: 0755
+ contents:
+ inline: |
+ #!/usr/bin/env sh
+ main() {
+ rpm-ostree install https://github.com/k3s-io/k3s-selinux/releases/download/v1.1.stable.1/k3s-selinux-1.1-1.el7.noarch.rpm
+ return 0
+ }
+ main
+ - path: /usr/local/bin/run-k3s-installer
+ mode: 0755
+ contents:
+ inline: |
+ #!/usr/bin/env sh
+ main() {
+ export K3S_KUBECONFIG_MODE="644"
+ export INSTALL_K3S_EXEC=" --no-deploy servicelb --no-deploy traefik"
+
+ #curl -sfL https://get.k3s.io | sh -
+ return 0
+ }
+ main
+
+systemd:
+ units:
+# geco-cloudinit: apply cloudinit settings on boot
+ - name: geco-cloudinit.service
+ enabled: true
+ contents: |
+ [Unit]
+ Description=Geco-iT Cloudinit
+ Wants=network-online.target
+ After=network.target network-online.target
+
+ [Service]
+ Type=oneshot
+ TimeoutStartSec=0
+ ExecStart=/usr/local/bin/geco-cloudinit
+ RemainAfterExit=yes
+
+ [Install]
+ WantedBy=multi-user.target
+
+# qemu-guest-agent
+ - name: setup-qemu-guest-agent.service
+ enabled: true
+ contents: |
+ [Unit]
+ Description=Geco-iT Setup Qemu Guest Agent
+ After=network-online.target
+ Require=network-online.target
+ ConditionKernelCommandLine=ignition.platform.id=qemu
+ ConditionPathExists=!/var/lib/qemu-guest-agent.stamp
+
+ [Service]
+ Restart=on-failure
+ RestartSec=20s
+ Type=oneshot
+ RemainAfterExit=yes
+ ExecStart=/bin/rpm-ostree install qemu-guest-agent
+ ExecStart=/bin/touch /var/lib/qemu-guest-agent.stamp
+ ExecStart=/bin/systemctl --no-block reboot
+
+ [Install]
+ WantedBy=multi-user.target
+
+ - name: run-k3s-prereq-installer.service
+ enabled: true
+ contents: |
+ [Unit]
+ After=network-online.target
+ Wants=network-online.target
+ Before=systemd-user-sessions.service
+ OnFailure=emergency.target
+ OnFailureJobMode=replace-irreversibly
+ ConditionPathExists=!/var/lib/k3s-prereq-installed
+ ConditionPathExists=/var/lib/qemu-guest-agent.stamp
+ [Service]
+ RemainAfterExit=yes
+ Type=oneshot
+ ExecStart=/usr/local/bin/run-k3s-prereq-installer
+ ExecStartPost=/usr/bin/touch /var/lib/k3s-prereq-installed
+ ExecStartPost=/usr/bin/systemctl --no-block reboot
+ StandardOutput=kmsg+console
+ StandardError=kmsg+console
+ [Install]
+ WantedBy=multi-user.target
+ - name: run-k3s-installer.service
+ enabled: true
+ contents: |
+ [Unit]
+ After=network-online.target
+ Wants=network-online.target
+ Before=systemd-user-sessions.service
+ OnFailure=emergency.target
+ OnFailureJobMode=replace-irreversibly
+ ConditionPathExists=/var/lib/k3s-prereq-installed
+ ConditionPathExists=!/var/lib/k3s-installed
+ ConditionPathExists=/var/lib/qemu-guest-agent.stamp
+ [Service]
+ RemainAfterExit=yes
+ Type=oneshot
+ ExecStart=/usr/local/bin/run-k3s-installer
+ ExecStartPost=/usr/bin/touch /var/lib/k3s-installed
+ StandardOutput=kmsg+console
+ StandardError=kmsg+console
+ [Install]
+ WantedBy=multi-user.target
diff --git a/hook-fcos.sh b/hook-fcos.sh
new file mode 100755
index 0000000..9c2e0ec
--- /dev/null
+++ b/hook-fcos.sh
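Review bot: In geco-cloudinit (fcos-tmplt.yaml), the `# passwd` step selects `/etc/shadow` entries by unanchored prefix: `grep ^${NEWUSERNAME}` and `sed -e "/^${NEWUSERNAME}/d"` match every account whose name merely begins with the cloud-init `user` value, so the sed also deletes those other accounts' shadow lines, and the value is used as a regex without quoting. Because `password` is compared directly with the stored field it is presumably already a crypt hash, so the hand-edit can become `usermod --password "${NEWPASSWORD}" "${NEWUSERNAME}"`, with the comparison reading the current hash via `getent shadow "${NEWUSERNAME}" | cut -d: -f2`. That also stops the script appending to /etc/shadow outside the shadow tools. Checking `NEWUSERNAME` against a pattern such as `^[a-z_][a-z0-9_-]*$` right after it is read would additionally cover its later unquoted use in the `/var/home/...` paths.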
@@ -0,0 +1,174 @@ +#!/bin/bash + +#set -e + +vmid="$1" +phase="$2" + +# global vars +COREOS_TMPLT=/opt/fcos-tmplt.yaml +COREOS_FILES_PATH=/etc/pve/pin-pve/coreos +YQ="/usr/local/bin/yq read --exitStatus --printMode v --stripComments --" + +# ================================================================================================================================================================== +# functions() +# +setup_fcoreosct() +{ + local CT_VER=0.7.0 + local ARCH=x86_64 + local OS=unknown-linux-gnu # Linux + local DOWNLOAD_URL=https://github.com/coreos/fcct/releases/download + + [[ -x /usr/local/bin/fcos-ct ]]&& [[ "x$(/usr/local/bin/fcos-ct --version | awk '{print $NF}')" == "x${CT_VER}" ]]&& return 0 + echo "Setup Fedora CoreOS config transpiler..." + rm -f /usr/local/bin/fcos-ct + wget --quiet --show-progress ${DOWNLOAD_URL}/v${CT_VER}/fcct-${ARCH}-${OS} -O /usr/local/bin/fcos-ct + chmod 755 /usr/local/bin/fcos-ct +} +setup_fcoreosct + +setup_yq() +{ + local VER=3.4.1 + + [[ -x /usr/bin/wget ]]&& download_command="wget --quiet --show-progress --output-document" || download_command="curl --location --output" + [[ -x /usr/local/bin/yq ]]&& [[ "x$(/usr/local/bin/yq --version | awk '{print $NF}')" == "x${VER}" ]]&& return 0 + echo "Setup yaml parser tools yq..." + rm -f /usr/local/bin/yq + ${download_command} /usr/local/bin/yq https://github.com/mikefarah/yq/releases/download/${VER}/yq_linux_amd64 + chmod 755 /usr/local/bin/yq +} +setup_yq + +# ================================================================================================================================================================== +# main() +# + +if [[ "${phase}" == "pre-stop" ]] +then + echo -e "P: ${phase} - V: ${vmid} ... 
[Task]\n" + rm -f "${COREOS_FILES_PATH}/${vmid}.id" + rm -f "${COREOS_FILES_PATH}/${vmid}.ign" + rm -f "${COREOS_FILES_PATH}/${vmid}.yaml" +fi + +if [[ "${phase}" == "pre-start" ]] +then + instance_id="$(qm cloudinit dump ${vmid} meta | ${YQ} - 'instance-id')" + instance_name="$(qm config ${vmid} | grep "^name:" | awk '{print $2}')" + + echo -e "\nWorking with - ${instance_name}" + + # same cloudinit config ? + [[ -e ${COREOS_FILES_PATH}/${vmid}.id ]] && [[ "x${instance_id}" != "x$(cat ${COREOS_FILES_PATH}/${vmid}.id)" ]]&& { + rm -f ${COREOS_FILES_PATH}/${vmid}.ign # cloudinit config change + } + [[ -e ${COREOS_FILES_PATH}/${vmid}.ign ]]&& exit 0 # already done + + mkdir -p ${COREOS_FILES_PATH} || exit 1 + + # check config + cipasswd="$(qm cloudinit dump ${vmid} user | ${YQ} - 'password' 2> /dev/null)" || true # can be empty + [[ "x${cipasswd}" != "x" ]]&& VALIDCONFIG=true + ${VALIDCONFIG:-false} || [[ "x$(qm cloudinit dump ${vmid} user | ${YQ} - 'ssh_authorized_keys[*]')" == "x" ]]|| VALIDCONFIG=true + ${VALIDCONFIG:-false} || { + echo "Fedora CoreOS: you must set passwd or ssh-key before start VM${vmid}" + exit 1 + } + + echo -n "Fedora CoreOS: Generate yaml users block... " + echo -e "# This file is managed by Geco-iT hook-script. 
Do not edit.\n" > ${COREOS_FILES_PATH}/${vmid}.yaml + echo -e "variant: fcos\nversion: 1.1.0" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo -e "# user\npasswd:\n users:" >> ${COREOS_FILES_PATH}/${vmid}.yaml + ciuser="$(qm cloudinit dump ${vmid} user 2> /dev/null | grep ^user: | awk '{print $NF}')" + echo " - name: \"${ciuser:-admin}\"" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo " gecos: \"Geco-iT CoreOS Administrator\"" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo " password_hash: '${cipasswd}'" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo ' groups: [ "sudo", "docker", "adm", "wheel", "systemd-journal" ]' >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo ' ssh_authorized_keys:' >> ${COREOS_FILES_PATH}/${vmid}.yaml + qm cloudinit dump ${vmid} user | ${YQ} - 'ssh_authorized_keys[*]' | sed -e 's/^/ - "/' -e 's/$/"/' >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo "[done]" + + echo -n "Fedora CoreOS: Generate yaml hostname block... " + hostname="$(qm cloudinit dump ${vmid} user | ${YQ} - 'hostname' 2> /dev/null)" + echo -e "# network\nstorage:\n files:" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo " - path: /etc/hostname" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo " mode: 0644" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo " overwrite: true" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo " contents:" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo " inline: |" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo -e " ${hostname,,}\n" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo "[done]" + + echo -n "Fedora CoreOS: Generate yaml network block... 
" + netcards="$(qm cloudinit dump ${vmid} network | ${YQ} - 'config[*].name' 2> /dev/null | wc -l)" + nameservers="$(qm cloudinit dump ${vmid} network | ${YQ} - "config[${netcards}].address[*]" | paste -s -d ";" -)" + searchdomain="$(qm cloudinit dump ${vmid} network | ${YQ} - "config[${netcards}].search[*]" | paste -s -d ";" -)" + for (( i=O; i<${netcards}; i++ )) + do + ipv4="" netmask="" gw="" macaddr="" # reset on each run + ipv4="$(qm cloudinit dump ${vmid} network | ${YQ} - config[${i}].subnets[0].address 2> /dev/null)" || continue # dhcp + netmask="$(qm cloudinit dump ${vmid} network | ${YQ} - config[${i}].subnets[0].netmask 2> /dev/null)" + gw="$(qm cloudinit dump ${vmid} network | ${YQ} - config[${i}].subnets[0].gateway 2> /dev/null)" || true # can be empty + macaddr="$(qm cloudinit dump ${vmid} network | ${YQ} - config[${i}].mac_address 2> /dev/null)" + # ipv6: TODO + + echo " - path: /etc/NetworkManager/system-connections/net${i}.nmconnection" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo " mode: 0600" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo " overwrite: true" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo " contents:" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo " inline: |" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo " [connection]" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo " type=ethernet" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo " id=net${i}" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo " #interface-name=eth${i}\n" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo -e "\n [ethernet]" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo " mac-address=${macaddr}" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo -e "\n [ipv4]" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo " method=manual" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo " addresses=${ipv4}/${netmask}" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo " gateway=${gw}" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo " dns=${nameservers}" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo -e " dns-search=${searchdomain}\n" >> 
${COREOS_FILES_PATH}/${vmid}.yaml + done + echo "[done]" + + [[ -e "${COREOS_TMPLT}" ]]&& { + echo -n "Fedora CoreOS: Generate other block based on template... " + cat "${COREOS_TMPLT}" >> ${COREOS_FILES_PATH}/${vmid}.yaml + echo "[done]" + } + + echo -n "Fedora CoreOS: Generate ignition config... " + /usr/local/bin/fcos-ct --pretty --strict \ + --output ${COREOS_FILES_PATH}/${vmid}.ign \ + ${COREOS_FILES_PATH}/${vmid}.yaml 2> /dev/null + [[ $? -eq 0 ]] || { + echo "[failed]" + exit 1 + } + echo "[done]" + + # save cloudinit instanceid + echo "${instance_id}" > ${COREOS_FILES_PATH}/${vmid}.id + + # check vm config (no args on first boot) + qm config ${vmid} --current | grep -q ^args || { + echo -n "Set args com.coreos/config on VM${vmid}... " + rm -f /var/lock/qemu-server/lock-${vmid}.conf + pvesh set /nodes/$(hostname)/qemu/${vmid}/config --args "-fw_cfg name=opt/com.coreos/config,file=${COREOS_FILES_PATH}/${vmid}.ign" 2> /dev/null || { + echo "[failed]" + exit 1 + } + touch /var/lock/qemu-server/lock-${vmid}.conf + + # hack for reload new ignition file + echo -e "\nWARNING: New generated Fedora CoreOS ignition settings, we must restart vm..." + qm stop ${vmid} #&& sleep 2 & #&& qm start ${vmid}& + exit 1 + } +fi + +exit 0
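Review bot: setup_fcoreosct and setup_yq in hook-fcos.sh place downloaded executables in /usr/local/bin and mark them 755 with neither an integrity check nor a failure check; with `#set -e` commented out at the top of the script, a failed or truncated download still reaches `chmod 755`, and both functions are called at top level, before the phase dispatch. As this hook presumably runs as root on the Proxmox host, I would download to a temporary file, compare it with a pinned SHA-256, and only then install it over the old binary, as sketched below for setup_fcoreosct; setup_yq would take the same shape. The setup_yq copy inside geco-cloudinit in fcos-tmplt.yaml has the same gap, and the curl fallback in both files lacks `--fail`, so an HTTP error page could be saved as the binary.

```shell
setup_fcoreosct()
{
    # … unchanged: CT_VER, ARCH, OS, DOWNLOAD_URL, the installed-version check and the echo …
    local CT_SHA256="<sha256-of-release-asset>"   # placeholder: pin the published digest for this CT_VER
    local tmp rc
    tmp="$(mktemp)" || return 1
    wget --quiet --show-progress "${DOWNLOAD_URL}/v${CT_VER}/fcct-${ARCH}-${OS}" -O "${tmp}" \
        && echo "${CT_SHA256}  ${tmp}" | sha256sum --check --status \
        && install --mode=0755 "${tmp}" /usr/local/bin/fcos-ct
    rc=$?
    rm -f "${tmp}"
    return ${rc}
}
setup_fcoreosct || exit 1
```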